Hard drive eraser

ABSTRACT

Systems, apparatuses and methods for erasing hard drives. A system, which can be configured as a stand-alone and portable apparatus, includes a control device configured to support an erase module. The erase module is configured to erase a hard drive such that data erased from the hard drive is forensically unrecoverable. The system further includes a user interface and at least one drive bay configured to provide communication between a hard drive and the control device.

CROSS REFERENCE TO RELATED APPLICATIONS

This application claims benefit to U.S. Provisional Patent ApplicationNo. 60/728,320 filed on Oct. 20, 2005, the disclosure of which isincorporated herein by reference.

BACKGROUND

The present invention relates to computer and data security,particularly to an apparatus and method for erasing data contained uponmagnetic data storage media.

Computer and data security are important concerns for individuals,businesses and governments. Particularly, secure techniques for erasingor otherwise disposing of electronically stored data are growingconcerns. U.S. Patent Application Publication No. 2004/0252628, which iscommonly assigned to Ensconce Data Technology, Inc. and is incorporatedherein by reference, describes the developing importance of secure datadestruction for individuals, businesses and governments. Legislation hasalso pushed the importance of data security to the forefront. To complywith federal regulations, companies now need to completely and reliablyeliminate all sensitive data on hard disk drives prior to disposing ofor reusing the drive. Specifically provisions of the Financial ServicesModernization Act (2003)(Gramm-Leach-Bliley), the Fair and AccurateCredit Transaction Act of 2003 (FACT Act), the Corporate and CriminalFraud Accountability Act of 2002 (Sarbanes-Oxley), and the HealthInsurance Portability and Accountability Act (HIPPA) all contain datasecurity requirements. The regulations under these acts set requirementsfor securely handling sensitive data.

In response to the increasing need for computer and data security,techniques for erasing or destroying electronically stored data havebeen developed. One such development is data eraser software, which isintended to make deleted files unrecoverable as well as eliminate theextraneous data that is created and stored by many applications,especially those involving the Internet. Such software is run on thecomputer containing the hard drive that stores the information to bedeleted. The software causes an over-write of certain data on the harddrive. However, the computer's BIOS and/or components of the hard driveitself may interfere with the software, preventing complete erasure ofdata on the hard drive. For example, the BIOS of the computer and/orhard drive components may prevent data on certain areas of the harddrive from being erased. Therefore, the data is not securely erased ordestroyed and can often be recovered by known forensic data recoverytechniques.

Accordingly, what is needed is an apparatus and method for erasing datacontained on a storage medium, such as a hard drive, such that it isunrecoverable by known forensic data recovery techniques.

SUMMARY

Embodiments provide apparatuses and methods for erasing hard drives. Asystem, which can be configured as a stand-alone and portable apparatus,includes a control device configured to support an erase module. Theerase module is configured to erase a hard drive such that data erasedfrom the hard drive is forensically unrecoverable. The system furtherincludes a user interface and at least one drive bay configured toprovide communication between a hard drive and the control device.According to exemplary methods, a hard drive is erased using a lowfrequency. According to another aspect, a certificate is generatedcertifying that a hard drive was erased.

Additional features and embodiments will be apparent from the followingdetailed description and drawings, which illustrate exemplaryembodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a hard drive erase systemaccording to an exemplary embodiment of the invention;

FIG. 2 is a schematic diagram of a portion of a hard drive;

FIG. 3 is a flow chart illustrating a method for erasing a hard driveaccording to an exemplary embodiment of the invention; and

FIGS. 4-13 depict structural configurations for a hard drive erasesystem according to exemplary embodiments of the invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

In the following detailed description, reference is made to theaccompanying drawings, which form a part hereof and show by way ofillustration specific embodiments that the invention may be practiced.In the drawings, like reference numerals refer to like elements. Theillustrated embodiments are described in sufficient detail to enablethose skilled in the art to practice them, and it is to be understoodthat other embodiments may be utilized, and that structural and logicalchanges may be made. The progression of process steps described isexemplary of the embodiments; however, the sequence of steps is notlimited to that set forth herein and may be changed, with the exceptionof steps necessarily occurring in a certain order.

FIG. 1 illustrates a hard drive erase system 100 according to anexemplary embodiment. The system 100 is a stand-alone system thatprovides secure erasure capability of hard disk drives. The system 100enables hard disk drives to be erased such that the data selected forerasure is forensically unrecoverable. The term forensicallyunrecoverable means that data is not recoverable by presently usedtechniques.

The system 100 includes a control device 120 capable of supportingsoftware applications. For example, the device 120 can be a centralprocessing unit, a server, among others. The control device 120 supportsan erase module 140. The erase module 140 can be one or more computersoftware program applications for erasing data from storage media. Forexample, the module 140 can include software available from the MagneticRecording Research Center (MRRC) at the University of California, SanDiego, specifically the software titled “HDDErase 2.0 Beta,” among othersoftware applications.

The control device 120 is in communication with a storage device 122.The storage device can be any form of memory capable of storingelectronic data. According to one exemplary embodiment of the invention,the erase module 140 causes data about each erase procedure to be storedon the storage device 122. In this manner, the system 100 maintains alog of erase procedures. The stored data can include hard driveidentification information, such as the drive serial number, the drivemanufacture, drive model, drive size; a start date/time stamp; an enddate/time stamp; the erasure method; an indication of success orfailure; the user who initiated the erase procedure; erase certificates;among others.

The system 100 also includes a user interface 101, which enables theuser to input information into the system 100 and gain information fromthe system 100. Preferably the user interface 101 is a graphical userinterface (GUI). The user interface 101 can be for example, a displaydevice and keyboard, or a touch screen monitor, among others.

The system also includes at least one hard drive bay 110. In theillustrated embodiment the system 100 includes a plurality of hard drivebays 110. Each bay 110 can be populated with at least one hard drive170. Accordingly, the system 100 can support the erasure of multiplehard drives 170 simultaneously. The drive bays can support at least onetype of hard drive 170, but preferably supports multiple hard drive 170types. Each bay 100 optionally includes a locking mechanism 111 and astatus indicator 112 for signaling the status of the hard drive 170 inthe bay 110. Preferably, the control device 120 is in communication withthe locking mechanism 111 and is aware of whether the locking mechanism111 is in a locked or unlocked state. Although the status indicator 112is shown on the drive bay 110, status of hard drive 170 in each bay 110could instead be displayed on the user interface 101.

Each drive bay 110 can be operated independently of other drive bays 110and individual hard drives 170 can be connected and disconnected fromthe system 100 drive bays 110 without interfering with the operation ofother drive bays 110. Accordingly, the user can remove one hard drive170 from and connect a hard drive 170 to the system 100 without poweringdown the system 100 or interrupting an ongoing erase procedure.

The drive bays 110 enable communication between one or more hard drives170 and the system 100 such that the system 100 can erase data containedon the hard drive(s) 170. Optionally, the system 100 can be configuredsuch that the user can access and read the contents of a hard drive 170that is in a drive bay 110 via the user interface 101.

Each drive bay 110 includes at least one connecting device, such as aport, cable, probe, or any device, mechanism or means for establishingcommunication between system 100 and a hard drive 170. In oneembodiment, a drive bay 110 includes one or more cables 110 a thatconnect to a hard drive 170, e.g., a data cable and a power cable. Otherdevices and means for providing communication between the system 100 andthe hard drive 170 can also be employed. The system 100 can accommodatedifferent hard drive 170 types that have differing cabling requirements.Additionally, a drive bay 110 can include a probe 11013, which attachesto a hard drive 170 at locations other than typical cable attachmentlocations. For example, the probe 11013 can connect to inject a signalthe printed circuit board of the hard drive 170. Alternatively, thesystem 100 is configured to communicate with the hard drive 170 in situ,i.e., as it is found in a particular device, such as a personalcomputer. It should be understood that the system 100 can include one ormore dive bays 110 and also be configured to connect directly to one ormore hard drives 170 in situ.

Optionally, the system 100 is in communication with an output device 125for outputting information, such as the status of hard drives 170 anderase certificates, for example by printing, emailing, or other outputmechanism. In one embodiment, the output device is a printer forprinting certificates (e.g., in the form of labels) certifying that aparticular hard drive 170 has been erased. Alternatively, the outputdevice could be integrated with the system 100.

Also optionally, the system 100 can be in communication with theInternet 151 or other computer network (not shown). The control device120 can be configured to provide erase certificates and logs to a remotedevice 150, such as a computer, which can be part of a computer networkcontrolled by a third party independent of the system 100 user.According to one embodiment, the third party receives erase certificatesfrom a variety of sources, for example, from multiple systems 100, andstores the erase certificates. In this manner, the third party keepsdata regarding hard drive erasures which can be readily accessed asneeded.

In conventional write-over erase procedures, a read/write head writesover a portion of a disk drive 170. FIG. 2 is a schematic diagram of thesurface of a storage portion of a hard drive 170. The read/write headmoves in the paths or tracks 225 depicted in FIG. 2. The fringes 226 ofthe tracks 225 may be magnetized to some extent during the data writingprocess, although the fringes 226 may be magnetized relatively weakly ascompared to the central area of the tracks 225. Moreover, data in thefringes 226 may be incompletely erased by the write-over process. Suchincompletely erased data may be recovered with forensic technologies.The system 100, however, enables complete erasure of a hard drive 170,such that data erased from the drive 170 cannot be forensicallyrecovered. Note that the track 225 and fringes 226 are only shownschematically and that there may be relatively gradual rather thansudden transitions between where the tracks 225 (where a write-over issufficiently complete so that data is unrecoverable) and the fringes226) where data is recoverable due to incomplete write-over).

In one embodiment, the control module 140 provides a “low frequency”write-over of the entire hard drive 170 to be erased. The write over maybe performed, for example by a software program, such as the HDDErase2.0 Beta Software. The low-frequency is the frequency of the magnetizingelectrical current provided to the magnetizing write heads in the harddrive 170 being erased. The low-frequency is chosen to be lower than thefrequency normally used by the hard drive 170 to write data. As thefrequency is lowered, the effective write-over area of the track 225 iswidened Preferably, the low-frequency for a given drive is chosen to below enough to increase the area of the track 225 so that there are nofringes 226 left with sufficient data that may be forensicallyrecovered, i.e., to completely erase the drive 170. A predeterminednumber of such write-overs are conducted to erase the drive 170. Theuser can select the number of write-overs or use a default selection.

The low-frequency of the write-over depends on the type of hard drive170 to be erased. For example, for a Seagate Barracuda drive, thelow-frequency used is preferably between about 20 Mhz and about 0 Mhz ascompared to the normal frequency of about 50 Mhz or greater. A frequencyof 0 Mhz causes the drive 170 to be overwritten with a DC signal. Asconventionally used, hard drives 170 will not perform a “DC Erase.” Inan exemplary embodiment, the erase module causes the hard drive 170 toperform a DC Erase by providing a signal to the hard drive 170 throughthe printed circuit board (not shown) of the hard drive 170.

Optionally, the module 140 is configured to erase hard drives 170 by avariety of different methods. For example, the system can be configuredto erase a hard drive 170 using a low-frequency erase procedure asdescribed above and one or more conventional write-over processes, suchas multiple write-over procedures or off-track write-over procedures.

In another embodiment, the module 140 copies predetermined files fromthe hard drive 170 to the storage device 122, a different hard drive 170in a different bay 110, or an external hard drive (not shown). Themodule 140 then completely erases the drive and replaces thepredetermined copied files on the drive. The module 140 can also beconfigured to ghost (i.e., completely copy) a hard drive 170 onto adifferent hard drive 170. Further, the module 140 can also be configuredto provide post-erase procedures, such as reformatting or repartitioningof the hard drive 170.

In an additional embodiment, the module 140 is configured to provideprivacy protection erase processes that do not require any data on ahard drive 170 to be read prior to the erase procedure. For this, themodule 140 writes sectors of the hard drive 170 with one or more flags(i.e., predetermined data). After the erase procedure is complete, themodule 140 reads the previously flagged portions of the drive 170 toensure that the data was erased. Alternatively, the module 140 couldfirst write over the drive 170, then perform an erase procedure and thenread the drive to ensure that the data was erased. With theseprocedures, there is no need to read the data originally contained on ahard drive 170.

In a further embodiment, module 140 is configured to providecertificates providing information regarding a hard drive 170 that hasbeen erased or otherwise processed by the system 100. The certificatecan contain, for example, hard drive identification information, such asthe drive serial number, the drive manufacture, drive model, drive size;a start date/time stamp; an end date/time stamp; the erasure method orprocedure conducted (e.g., ghosting, formatting, etc.); an indication ofsuccess or failure; the user who initiated the erase procedure; amongother information In one aspect, a condition for certification is thatthe drive bay 110 remains closed and locked for the entire erasureprocess. The certificate can be in any format (e.g., any file format,electronic, printed, among others).

FIG. 3A illustrates one embodiment of a process for erasing a hard drive170 using the system 100 (FIG. 1) according to an embodiment of theinvention. It should be understood that the sequence of the stepsdescribed in connection with FIG. 3A can be altered and additional stepsmay be added.

In step 201 the system 100 is activated or “booted up” by the user. Uponsystem boot, the user is presented with a graphical user interface 101.Optionally, the user is required to enter login information using theuser interface 101. The requirement for login information isparticularly useful if use of the system 100 is to be restricted tospecific users. Any suitable login scheme can be used, such as a passcode, biometrics, and voice recognition, among others.

Upon entering invalid login information in step 202, the user isprevented from accessing the erase module 140 in step 203. If the userinputs valid login information in step 202 the user is able to interfacewith the module 140 at step 204. Multiple users may have access to thesystem 100 at a same time.

Using the user interface 101, the user can begin an erase procedure,view erase logs and certificates stored on the storage device 122, andmanage the system 100. These procedures will be described in more detailbelow.

The user begins an erase procedure at step 205 For this, the user 140installs a hard drive 170 to be erased and locks the drive bay 110 towhich the hard drive 170 was installed. Alternatively, the system 100can be connected to the hard drive 170 in situ. At step 206, the erasemodule 140 detects that the hard drive 170 is installed and the lockingmechanism 111 is in a locked state.

In step 207, the user can then select the erase method to be used byinputting information into the user interface 101. Alternatively, theuser can accept a default erase method preset in the system 100. In oneembodiment, the user can also select to have certain files copied fromthe hard drive 170 to storage device 122 (or a different hard drive 170in a different bay 110), and then replaced on the drive after it iserased, or to have the contents of the hard drive 170 ghosted to thedifferent hard drive 170.

Once the erase method is selected, the user initiates the eraseprocedure in step 208. The user may allow the erase procedure to becompleted or may terminate the procedure prior to completion. Uponcompletion or termination of the erase procedure in step 209 (whether ornot successful), the results are stored on the storage device 122.

In step 211, the user selects to receive an erase certificate. In oneembodiment the certificate is printed in the form of a label to beaffixed to the drive 170. Optionally, the certificate can also be sentin electronic form or other form, to a third party. For example, theerase certificate may be sent in electronic form via the Internet 151 toa third party. The third party can be a certificate service that willverify the certificate to prove that the hard drive 170 has beensuccessfully or unsuccessfully erased.

In step 213, the user removes the erased hard drive 170 from the drivebay 110. If the user has printed an erase certificate (e.g., in labelform), the user places the erase certificate on the erased hard drive170.

In step 210, the user can manage the system 100, including all bays 110.The user can, for example set, or change their own password, selectdefault erase methods for the drive bays 100, among others. The user canalso receive updates for the erase module 140.

In step 212, the user can view the system 100 logs and erasecertificates. Optionally, the erase module 140 can be configured toenable the user to search the erase logs based on desired searchcriteria.

FIG. 3B illustrates a process of using a system 100 having at leastfirst second and third drive bays 110-1, 110-2, 110-3, respectivelyaccording to another embodiment of the invention. The method depicted inFIG. 3B is particularly useful in forensic applications. If evidence ofa crime or event is in the form of a hard drive 170 or data thereon, itis necessary to preserve the hard drive 170 and any data thereon, but itis also desirable to analyze the hard drive 170 and its data withoutunduly disturbing the evidence and while maintaining a clear chain ofcustody. A solution is to copy the evidence hard drive to one or moreother hard drives that are known to be free of data.

In step 301 and 302, first and second hard drives 170-1, 170-2 areplaced in drive bays 110-1, 110-2, respectively. The first and secondhard drives 170-1, 170-2 are securely erased to ensure that no data ispresent on either drive 170. In step 303, the erase procedures arecertified as described above in connection with step 211 of FIG. 3A.

In step 304, the evidence hard drive 170-3 is placed in a third drivebay 110-3. The drive is then ghosted to each of the first and seconddrives 170-1, 170-2 in drive bays 110-1, 110-2. That is, all data fromthe evidence drive is copied to each of the first and second drives170-1, 170-2 in drive bays 110-1, 110-2.

If desired, the evidence drive 170-3, the drive is erased securely instep 306. A certificate for this erase procedure and/or ghostingprocedure can also be provided in step 307. The evidence drive, whetheror not erased, may then be kept by appropriate authorities or returnedto its owner. The copied first and second drives 170 can be analyzed.Alternatively, if needed, one of the copied hard drives 170-1, 170-2 canbe stored by appropriate authorities as evidence.

Although the process described above in connection with FIG. 3B includemaking two copies of a hard drive 170, additional or fewer copies can bemade as necessary or desired.

FIGS. 4-13 depict structural configurations for a hard drive erasesystem 100 (FIG. 1) according to exemplary embodiments of the invention.

Referring to FIG. 4, the system 100 includes a stand-alone baseapparatus 700. The term stand-alone means that the apparatus 700 isconfigured to receive or connect to a hard drive 170 such thatimpediments to data erasure, such as the native device's BIOS,components of the hard drive itself, among others, are avoided. Forexample, the apparatus 700 can receive a hard drive 170 that is normallyused with a efferent device, such as a personal computer (PC) forallowing the PC user functional access to the data. Alternatively, theapparatus 700 can be connected to a hard drive 170 in situ in its nativedevice.

This is distinguishable from the conventional erasure techniquedescribed above of simply loading erasure software onto the PC toattempt to erase data from the PC hard drive 170 in its native device oras it is conventionally connected to enable user access to the datastored on the hard drive 170. Preferably, the apparatus 700 isphysically separate from other apparatuses. However, the apparatus 700may be physically adjacent to or physically incorporated into anotherapparatus or device, and may be in communication with another device viathe Internet 151 or a computer network.

The base apparatus 700 can include drive bays 110, which are accessiblevia an access means, such as door 705, an opening, among others.Alternatively, where the apparatus 700 is to connect to a hard drive 170in situ, one or more of the drive bays 110 can instead be a connectingmeans, such as a cable, probe or other device for providingcommunication between components of the apparatus 700 and the in situhard drive 170.

The apparatus 700 also includes a user interface 101. Hard drives 170 aplaced in the apparatus 170 and connected to a connecting device, suchas a port, cable, probe, or any device, mechanism or means forestablishing communication between system 100 and a hard drive 170. Inone embodiment, the hard drive 170 is connected such that componentsthat interfere with data erasure of the hard drive 170 are avoided.Cable connections 110 a are shown in FIG. 5 as the connecting device,but other connections, such as a probe 110 b, among others, can be used.

FIG. 5 depicts a more complex embodiment of the system 100 including thebase apparatus 700. In the illustrated embodiment, the additional bays110 are included in supplemental apparatuses 805, 806. Supplementalapparatuses 805, 806 contain drive bays 110 and means for interfacingwith the base apparatus 700 (e.g., a port, cable, or any device,mechanism or means for establishing communication between thesupplemental apparatus 805, 806 and base apparatus 700 such that thedrive bays 110 of the supplemental apparatus 805, 806 are incommunication with the system 110). As shown in FIG. 5, the supplementalapparatuses can be stackable over or under the base apparatus 700 andcan be in the form of drawers 805 or a platform 806.

FIGS. 6-10 depict a readily portable structural embodiment of the system100. As shown in FIGS. 6 and 7, the system 100 can configured within asingle portable base apparatus 1000. FIG. 6 is a front and side view ofthe apparatus 1000 and FIG. 7 is a rear view of the apparatus 1000. Thebase apparatus 1000 includes an optional handle 1002 (FIG. 6) to promoteportability. The base apparatus 1000 includes an interface 1156 for apower cord, so that the base apparatus 1000 can be connected to a powersource. The base apparatus 1000 can also include a rechargeable battery(not shown) to enable use where a power source is not readily available.

The base apparatus also includes user interface 101 (FIG. 6), which isshown as a touch screen interface. The user interface could also beanother type of interfaces, such as a screen and keyboard and/or anaudio interface. The output device 125 is an integrated label printerhaving a label dispenser 1125 for printing certificates in the form oflabels as described above. The base apparatus 1000 also includes ports1155 (FIG. 7) (e.g., USB, ethernet and phone ports) to allow the baseapparatus to be connected to the Internet and/or other base apparatuses1000 or devices.

The apparatus 1000 also includes drive bays 110. Each drive bay 110includes an opening 1012, which is configured to receive a drive module1100. The drive module 1100, in turn, is configured to receive a harddrive 170. FIGS. 8-10 show additional views of the drive module 1100. Asexplained in more detail below, with the configuration of the drive bays110 and drive modules 1100 illustrated in FIGS. 6 and 8-10, cables arenot needed to provide a connection between hard drives 170 and thesystem 100.

As shown in FIG. 6, each drive bay 110 includes a port 1010, shown as aUSB port, within the opening 1012. Each drive module 1100 includes aport 1110 configured to connect to the port 1010 of the drive bay 110.Thus, each drive module 1100 can be used interchangeably in each of thedrive bays 110. It should be understood that any suitable port orconnection providing communication between the drive module 1100 and thedrive bay 110 can be used.

Each drive module 1100 also includes one or more hard drive ports 1160,1161 (FIG. 8) configured to receive a hard drive 170. So that the system100 can accommodate different types of hard drives 170, different drivemodules 1100 can have different ports 1161, 1160 suitable for differenttypes of hard drives 170.

Preferably, the one or more ports 1160, 1161 are provided on aninterface board 1166. In the event replacement of the interface ports1160, 1161 is desired (e.g., due to damage or if different ports 1160,1160 are desired to accommodate a different type of hard drive), theinterface board 1166 can be removed from the drive module 1100 andreplaced with another interface board. This provides a cost reduction ascompared to replacing the entire drive module 1100.

The drive module 1100 also includes a hard drive support portion 1120.The support portion 1120 serves to stabilize the hard drive 170 when itis connected to the drive module 1100. In the illustrated embodiment,the support portion 1120 also serves as a guide when the drive module1100 is placed in a drive bay 110 to ensure that the drive module port1110 connects to the drive bay port 1010. FIG. 10 depicts a side view ofa hard drive 170 connected to a drive module 1100.

In the illustrated embodiment, the support portion is connected to thedrive module 1100 by a hinge 1121. Accordingly, the support portion 1120can be position in an open position (FIG. 8) or a closed position (FIG.9). When in a closed position, support portion 1120 covers and protectsthe ports 1110, 1160, 1161 and promotes portability.

Each drive module 1100 includes a latch 1111, which activates a lockingmechanism 111, such as a solenoid lock, among others. As shown in FIG.6, each drive module 1100 also includes a status indicator 112. In theembodiment of FIG. 6, the status indicator includes LEDs of varyingcolors, which signal the status of the hard drive 170 in the drive bay110. For example, green can indicate that a procedure is complete andthe hard drive 170 can be removed, while red can indicate that aprocedure is in progress and the drive bay 110 should not be opened.

It should be understood that one or more drive bays 110 according to theembodiments described herein could also be included in a conventionalcomputer device. For example, a drive bay 110, including a drive module1100, can be provided in a personal computer or other device to enablethe device to accommodate various types of hard drives.

FIGS. 11-13 depict more complex embodiments of the system 100 includingthe base apparatus 1000.

FIG. 11 shows the base apparatus in communication with a laptop computer1199 (or other personal computer device) and an external hard drive 1198via ports 1155 (FIG. 7). In this configuration, the base apparatus 1000serves as an external hard drive to the laptop 1199. The external harddrive 1198 can serve as the storage device 122 and/or receive datacopied from hard drives 170 within the drive bays 110.

FIG. 12 illustrates multiple base apparatuses connected together viaports 1155 (FIG. 7) in a “daisy-chain” manner. In this configuration,each apparatus 1000 can function as both a client and a host device.Further, an expansion bay 1210 is connected to and in communication witha base apparatus 1000. The expansion bay 1210 includes additional drivebays 110, which are operated through the base apparatus 1000 to whichthe expansion bay 1210 is connected.

FIG. 13 depicts a “hub-and spoke” configuration of apparatuses 1000. Inthe FIG. 13 embodiment, the apparatuses 1000/1300 that are connected tomultiple other apparatuses 1000 serve as a hub for controlling thoseother apparatuses 1000.

It should be understood that a variety of other configurations includingone or more apparatuses 1000 are possible. Further, such otherconfigurations can include an expansion bay 1210, laptop 1199(or otherpersonal computing device) or external hard drive 1198.

The structural configurations depicted in FIGS. 4-13 are examples onlyand other structural configurations are possible. Further, the processesand devices described above illustrate preferred methods and devices ofmany that could be used and produced. The above description and drawingsillustrate exemplary embodiments, which achieve the objects, features,and advantages of the present invention. It is not intended, however,that the present invention be strictly limited to the above-describedand illustrated embodiments. Any modifications of the present inventionthat come within the spirit and scope of the following claims should beconsidered part of the present invention.

1. An apparatus for erasing hard drives, the apparatus comprising: acontrol device, the control device configured to support an erasemodule, the erase module configured to erase a hard drive such that dataerased from the hard drive is forensically unrecoverable; a userinterface; and at least one drive bay configured to providecommunication between a hard drive and the control device.
 2. Theapparatus of claim 1, wherein the erase module is configured to providea current having a lower frequency than a current used to write thedata.
 3. The apparatus of claim 1, wherein the communication between thehard drive and the control device is configured such that impediments todata erasure in the hard drive are avoided.
 4. The apparatus of claim 1,wherein communication between the hard drive and control device isprovided by a cable.
 5. The apparatus of claim 1, wherein the drive baycomprises: an opening, a first port located within the opening, and adrive module, the drive module having at least one second portconfigured to receive a hard drive and at least one third port forconnecting to the first port.
 6. The apparatus of claim 5, wherein thedrive module further comprises a support portion configured to stabilizethe received hard drive.
 7. The apparatus of claim 1, further comprisinga storage device configured to store information about an eraseprocedure.
 8. A system for erasing hard drives, the system comprising: acontrol device, the control device configured to support an erasemodule, the erase module configured to erase a hard drive such that dataerased from the hard drive is forensically unrecoverable; a userinterface enabling user input; a plurality of drive bays connected tothe control device, each drive bay configured to provide communicationbetween a hard drive and the control device; a storage device incommunication with the control unit for storing information; and anoutput device in communication with the control unit for outputtinginformation.
 9. The system of claim 8, further comprising a networkconnection device enabling the control device to connect to a computernetwork.
 10. The system of claim 9, wherein the network connectiondevice enables the control device to connect to the Internet.
 11. Thesystem of claim 8, wherein at least one drive bay further comprises alocking device, the locking device being in communication with thecontrol device.
 12. The system of claim 8, wherein the user interface isa touch screen monitor.
 13. The system of claim 8, wherein the outputdevice is a printer.
 14. The system of claim 8, wherein the plurality ofdrive bays are configured to be modular, such that one or more drivebays can be connected or disconnected from the control device.
 15. Thesystem of claim 8, wherein at least one drive bay comprises a cable forproviding communication between the hard drive and the control device.16. The system of claim 8, wherein each drive bay comprises: an opening,a first port located within the opening, and a drive module, the drivemodule having at least one second port configured to receive a harddrive and at least one third port for connecting to the first port. 17.The system of claim 16, wherein the second port of a first drive moduleis configured to receive a first type of hard drive and the second portof a second hard drive module is configured to receive a second type ofhard drive.
 18. The system of claim 16, wherein the at least second portis provided on an interface board, and wherein the interface board isremovable from the drive module.
 19. The system of claim 16, furthercomprising a plurality of locking devices, each locking deviceconfigured to lock a drive module into the opening of the respectivedrive bay.
 20. The system of claim 16, wherein each drive module furthercomprises a support portion configured to stabilize the received harddrive.
 21. The system of claim 20, wherein the support portion isaffixed to the drive module by a hinge, such that the support portion ismoveable between an opened position and a closed position.
 22. Thesystem of claim 21, wherein, in the closed position, the support portioncovers the second and third ports.
 23. The system of claim 8, whereinthe control device, storage device and plurality of drive bays areintegrated within a single apparatus.
 24. The system of claim 23,wherein the apparatus is portable.
 25. The system of claim 23, whereinthe output device is integrated within the apparatus.
 26. A computerdevice comprising: at least one drive bay comprising a first port andconfigured to receive a drive module, and at least one drive module, theat least one drive module having at least one second port configured toreceive a hard drive and at least one third port for connecting to thefirst port.
 27. The device of claim 26, wherein the second port of afirst drive module is configured to receive a first type of hard driveand the second port of a second hard drive module is configured toreceive a second type of hard drive.
 28. The device of claim 26, whereinthe at least second port is provided on a first interface board, andwherein the first interface board is removable from the drive module.29. The device of claim 28, wherein the drive module is configured toreceive a second interface board in place of the first interface board,the second interface board comprising at least a fourth port configuredto receive a second type of hard drive.
 30. The device of claim 26,wherein each drive module further comprises a support portion configuredto stabilize the received hard drive.
 31. The device of claim 30,wherein the support portion is affixed to the drive module by a hinge,such that the support portion is moveable between an opened position anda closed position.
 32. The system of claim 31, wherein, in the closedposition, the support portion covers the second and third ports.
 33. Thedevice of claim 26, wherein the drive module is removable from the drivebay.
 34. A method for erasing at least one hard drive, the methodcomprising the acts of: providing an apparatus configured to erase ahard drive, the apparatus comprising a plurality of drive bays, eachdrive bay for receiving a hard drive and providing communication betweenthe hard drive and the apparatus; placing a first hard drive to beerased in a first drive bay; copying data from the hard drive; storingthe copied data; and operating the apparatus to conduct an eraseprocedure to erase data from the first hard drive, such that the data isforensically unrecoverable.
 35. The method of claim 34, furthercomprising, subsequent to the erase procedure, operating the apparatusto rewrite the copied data to the first hard drive.
 36. The method ofclaim 34, further comprising placing a second hard drive in a seconddrive bay, wherein the copied data is stored to the second hard drive.37. The method of claim 36, further comprising, prior to storing thecopied data, operating the apparatus to conduct an erase procedure toerase data from the second hard drive.
 38. The method of claim 34,wherein the apparatus further comprises a storage device, and furthercomprising operating the apparatus to store information about the eraseprocedure to the storage device, the stored information comprising atleast one item from the group consisting of a drive serial number, adrive manufacture, a drive model, a drive size, a start date/time stamp,an end date/time stamp, an erasure method, an indication of success orfailure, and a user who initiated the erase procedure.
 39. The method ofclaim 34, wherein the apparatus further comprises an output device andfurther comprising operating the output device to output a certificatecontaining information about the erase procedure, the certificateinformation comprising at least one item from the group consisting of: adrive serial number, a drive manufacture, a drive model, a drive size, astart date/time stamp, an end date/time stamp, an erasure method, anindication of success or failure, and a user who initiated the eraseprocedure.
 40. A method for erasing at least one hard drive, the methodcomprising the acts of: providing an apparatus configured to erase ahard drive, the apparatus comprising a storage device, an output deviceand at least one drive bay for providing communication between a harddrive and the apparatus; placing a first hard drive in a first drivebay; operating the apparatus to conduct a first erase procedure to erasedata from the first hard drive; and storing information to the storagedevice about the first erase procedure, the stored informationcomprising at least one item from the group consisting of: a driveserial number, a drive manufacture, a drive model, a drive size, a startdate/time stamp, an end date/time stamp, an erasure method, anindication of success or failure, and a user who initiated the eraseprocedure.
 41. The method of claim 40, wherein the apparatus furthercomprises an output device and further comprising operating the outputdevice to output a certificate containing information about the firsterase procedure, the certificate information comprising at least oneitem from the group consisting of: a drive serial number, a drivemanufacture, a drive model, a drive size, a start date/time stamp, anend date/time stamp, an erasure method, an indication of success orfailure, and a user who initiated the erase procedure.
 42. The method ofclaim 40, wherein conducting the first erase procedure comprises writingover the data to be erased using a current having a lower frequency thana current used to write the data.
 43. The method of claim 40, whereinthe act of placing the first hard drive in the first drive bay comprisesproviding communication between the hard drive and the apparatus suchthat impediments to data erasure in the hard drive are avoided.
 44. Themethod of claim 40, further comprising locking the first hard drivewithin the first drive bay using a locking device.
 45. The method ofclaim 40, further comprising detecting a locked or unlocked status ofthe locking device.
 46. The method of claim 45, wherein, if, during thefirst erase procedure, the detected status of the locking device isunlocked, designating the erase procedure as failed.
 47. The method ofclaim 40, wherein the first erase procedure renders the erased dataforensically unrecoverable.
 48. The method of claim 40, wherein the actof conducting the first erase procedure comprises conducting apredetermined number of write-overs.
 49. The method of claim 40, furthercomprising placing a second hard drive in a second drive bay.
 50. Themethod of claim 40, further comprising conducting a second eraseprocedure during at least a portion of a same time that the first eraseprocedure is being conducted.
 51. The method of claim 40, wherein thefirst erase procedure comprises: (a) writing over the first hard drive,erasing all data from the first drive such that the erased data isforensically unrecoverable, and (b) confirming that the data was erasedby reading at least a portion of the first hard drive, wherein (a), (b)and (c) are conducted in order.
 52. The method of claim 40, wherein thefirst erase procedure comprises: (a) writing predetermined data to aplurality of portions of the first hard drive, (b) erasing all data fromthe first drive such that the erased data is forensically unrecoverable,and (c) confirming that the data was erased by reading only theplurality of portions of the first hard drive written to in (a), wherein(a), (b) and (c) are conducted in order.